[Full-disclosure] Snort Back Orifice Preprocessor Exploit (Win32 targets)
Kira
trir00t at gmail.com
Tue Nov 1 10:56:46 GMT 2005
Dear All
I wrote Snort Back Orifice Preprocessor Exploit for Win32 targets. It's for
educational purpose only.
This exploit was tested on
- Snort 2.4.2 Binary + Windows XP Professional SP1
- Snort 2.4.2 Binary + Windows XP Professional SP2
- Snort 2.4.2 Binary + Windows Server 2003 SP1
- Snort 2.4.2 Binary + Windows Server 2000 SP0
- Snort 2.4.2 Bianry + Windows 2000 Professional SP0
Note 01: This exploit was written in form of MetaSploit module, so you need
metasploit to launch it.
Note 02: The exploit's quite reliable, but if it doesn't work on your
machine, try to find address of 'jmp esp' instruction and replace it to the
old return address.
Regards,
Kira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051101/217b9818/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: snort_bo_overflow_win32.pm
Type: application/octet-stream
Size: 3507 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051101/217b9818/attachment.obj
Full-Disclosure is hosted and sponsored by Secunia.